package cn.com.zsc.loginFiter;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.Hashtable;
import java.util.Vector;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import cn.com.zsc.hr.AttendanceManager;
import cn.com.zsc.system.vo.UserVO;
import cn.com.zsc.util.Azdg;
import cn.com.zsc.util.ConstValue;

import com.jarp.db.DAO;

public class LoginServlet extends HttpServlet {

	/**
	 * serialVersionUID
	 */
	private static final long serialVersionUID = 1L;

	/**
	 * doGet
	 */
	public void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		doPost(request, response);
	}

	/**
	 * 登陆校验
	 */
	@SuppressWarnings("unchecked")
	public void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		response.setContentType("text/html;charset=UTF-8");
		request.setCharacterEncoding("UTF-8");
		response.setHeader("charset", "UTF-8");
		
		PrintWriter writer = response.getWriter();
		
		String resultStr = "";
		
//		AttendanceManager manage = new AttendanceManager();
//		manage.copyAttInfoToSys();
		
		// 获取用户名
		String username = request.getParameter("username");
		
		if ("".equals(username) || username == null)
		{
			writer.write("<script language='javascript'>alert('请勿提交非法数据！');window.history.back();</script>");
			return;
		}
		
		// 获取密码
		String password = request.getParameter("password");
		
		if ("".equals(password) || password == null)
		{
			writer.write("<script language='javascript'>alert('请勿提交非法数据！');window.history.back();</script>");
			return;
		}
		
		// 获取页面输入验证码
		String randCode = request.getParameter("randCode");
		
		if ("".equals(randCode) || randCode == null)
		{
			writer.write("<script language='javascript'>alert('请勿提交非法数据！');window.history.back();</script>");
			return;
		}
		
		// 获取页面图片验证码
		String sessionRand = (String)request.getSession().getAttribute("rand");
		
	    // 获取加密后的密码
		String encodePWD = Azdg.encrypt(password);
		
		String sql = "select * from app_login where UNAME='"+username+"'";
		DAO dao = new DAO();
		Vector<Hashtable<String, String>> v = new Vector<Hashtable<String, String>>();
		
		UserVO user = new UserVO();
		
		try {
			v = dao.getDataSet(ConstValue.DBNAME, sql);

			if (v != null && v.size() > 0) {
				Hashtable<String, String> table = v.get(0);
				
				user.setUid(Integer.parseInt(table.get("UID")));
				user.setUsername(table.get("UNAME"));
				user.setPassword(table.get("UPWD"));
				user.setName(table.get("NAME"));	
				user.setRemarked(table.get("REMARKED"));
			}
		} catch (Exception ex) {
			ex.printStackTrace();
		}
		
		if(randCode.equals(sessionRand))
		{
			if(encodePWD.equals(user.getPassword()))
			{
				resultStr = "{success:true}";
			}
			else
			{
				resultStr = "{success:false, errors:'userOrPassword'}";
			}
		}
		else
		{
			resultStr = "{success:false, errors:'validateCode'}";
		}
		
		// 将user对象保存在session中
		request.getSession().setAttribute("user", user);
		
		setDataDictionaryDfValue(request);
		
		// 返回响应码
		response.getWriter().print(resultStr);
	}
	
	/**
	 * 查询数据字典表第一条记录的PL_CODE(数据字典维护页面初始化右边树用)
	 * @param request
	 */
	@SuppressWarnings("unchecked")
	private void setDataDictionaryDfValue(HttpServletRequest request) {
	    String sql = "select PL_CODE from cm_proplist order by PL_CODE limit 0, 1";
	    
	    Vector<Hashtable<String, String>> v = new Vector<Hashtable<String, String>>();
	    DAO dao = new DAO();
	    
	    try {
	    	v = dao.getDataSet(ConstValue.DBNAME, sql);
	    	
	    	if (v != null && v.size() > 0) {
	    		Hashtable<String, String> table = v.get(0);
	    		request.getSession().setAttribute("ddFirstRecord", table.get("PL_CODE"));
	    	}
	    } catch(Exception ex) {
	    	ex.printStackTrace();
	    }
	}
}
